Coinbase Hacked and Turns the Tables on the Cybercriminals!

16 May 2025

This is how you handle cybercrime digital extortion! Coinbase was compromised by trusted 3rd party partners, which exposed customer data — but customer keys to their assets were still safe. The cyber criminals then attempted to extort $20 million from Coinbase, to keep the attack secret.

Coinbase’s answer: NO! Instead, they are creating a $20 million fund to help catch the attackers — thereby turning the tables on the extortionists!

This is AWESOME! Welcome to the big leagues!

This sends a huge message:

  1. Coinbase takes security seriously and knows never to pay ransomware or other digital extortion. They are following common sense, that so many others ignore: Never give aid to your enemy!
  2. It also signals to other potential criminals that Coinbase is a wasted effort, as they won’t pay. Why would a cybercriminal, who seeks personal financial gain, attack them if extortion is off the table?
  3. By matching the ransom demand as a bounty on the attackers, Coinbase forces them to contend with the greed of their own trusted 3rd parties that know who they are. How willing are their ‘friends’ to identify the attackers, for a sweet reward? The hunters now become the hunted. Brilliant!
  4. With the loss of customer name and contact data, there may be some social engineering attacks, but Coinbase has already said they will make customers whole if that happens. Bravo.
  5. Lastly, Coinbase is being transparent — which is exactly the opposite of what the attackers want. They are following the rule I taught my children — never do what the attacker wants, as they have a plan and it always ends with them winning!


In cybersecurity we must manage risks. Most think it must be done exclusively with technology tools, but sometimes we can also discourage and dissuade attackers. What Coinbase has done is essentially target the cybercriminal Threat Agents, by using psychological deterrence. Future criminal attackers will not want to be in a position where they waste effort only to become a target themselves.

This is a playbook for every company out there that is at risk of ransomware or other digital extortion! Craft your defense and response capabilities to be able to respond like Coinbase, in the unfortunate event of a breach.

My absolute congratulations and respect to Coinbase executive leadership: Brian Armstrong, CEO; Jeff Lunglhofer, CISO; and Philip Martin, CSO.


Enjoy this blog? Subscribe to MRosenquist
